Apparatus and Method of Securing Private Content Stored in a Memory

ABSTRACT

Apparatus and a method of securing private content stored in a memory are presented. A terminal includes a memory to store private content. The terminal also includes a security function to compare a private content identifier with a smart card identifier that includes MSISDN information associated with the smart card, to produce a comparison result. The security function grants the smart card access to the private content when the first comparison result is positive.

CLAIM OF PRIORITY

The present application claims priority from and is a continuation of U.S. patent application Ser. No. 10/764,668 filed on Jan. 26, 2004 and entitled “Systems and Methods for Securing Personal or Private Content Stored in The Internal Memory of a Mobile Terminal,” the contents of which are expressly incorporated herein by reference in their entirety.

FIELD OF THE DISCLOSURE

The present disclosure relates to cell phones and other wireless mobile terminals having an internal memory. More particularly, the present disclosure relates to terminals, systems, and methods for securing personal or private content stored in the internal memory of a mobile terminal.

BACKGROUND

In many regions of the world, a mobile communications terminal such as a cell phone is not locked to a specific network service provider. Instead, subscribers to a network are issued a smart card, such as a Subscriber Identity Module (SIM) or other removable plastic card that uniquely identifies the user account to the network, handles authentication and provides data storage for user data such as phone numbers and network information. The SIM may also contain applications that can be accessed by the phone. The phone itself is fungible because a subscriber can use any phone that accepts a SIM.

SIM cards often operate in conjunction with a phone that operates in a wireless network environment such as the Global System for Mobile Communications (GSM) network. In a GSM environment, any phone can be used by inserting a SIM card into the phone and accessing the network. More significantly, however, inserting a SIM card into a GSM phone not only provides access to the network, but also provides access to any private content stored in the internal memory of the phone. If an owner loses, loans, discards, or otherwise loses control of the phone, anyone with a SIM card can access the owner's private content on the phone.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is further described in the detailed description that follows, by reference to the noted drawings by way of non-limiting examples of embodiments of the present disclosure, in which like reference numerals represent similar parts throughout several views of the drawings, and in which:

FIG. 1 is a block diagram showing an exemplary mobile terminal of one embodiment of the present disclosure;

FIG. 2 is a flow chart of an exemplary method of the present disclosure; and

FIG. 3 is a block diagram showing an exemplary system of one embodiment of the present disclosure.

DESCRIPTION OF THE PREFERRED EMBODIMENT(S)

In view of the foregoing, the present disclosure, through one or more of its various aspects, embodiments and/or specific features or sub-components, is thus intended to bring out one or more of the advantages that will be evident from the description. The embodiments are described with frequent reference to phones or cell phones. It is understood that a phone is merely an example of a specific embodiment of the present disclosure, which is directed generically to mobile equipment, systems and methods within the scope of the disclosure, together with equipment, systems and methods of Public Switched Telephone Networks (PSTN) and Internet Protocol (IP) telephony, including but not limited to Voice-Over IP (VoIP). The terminology, therefore, is not intended to limit the scope of the disclosure.

The mobile equipment has a processor for executing instructions and commands. The mobile equipment communicates with a SIM using commands and protocols executed by the processor. The SIM has an internal memory that stores data, including but not limited to International Mobile Subscriber Identity (IMSI) information that provides the unique identity of a subscriber. The SIM may also store a Mobile Station International ISDN (MSISDN) number. SIM cards often operate in conjunction with a phone that operates in a wireless network environment such as, for example, in the GSM network.

GSM, a Second Generation (2G) wireless network technology, is the defacto European standard for digital cellular telephone service, and it is also available in the Americas. GSM is the most widely used of the three digital wireless telephone technologies (IS-136, GSM and IS-95), and it supports voice, data, text messaging and cross-border roaming. GSM operates in multiple frequency bands, GSM 850, GSM 900, GSM 1800, and GSM 1900. When GSM is working on a radio frequency band of 1800 MHz, it is sometimes referred to as DCS or GSM1800. When GSM is working in a frequency band of 1900, it is often referred to as PCS. The SIM is an essential element in a GSM network.

General Packet Radio Service (GPRS) is a radio technology for GSM networks that adds packet-switching protocols. As a 2.5G technology, GPRS enables high-speed packet data access (up to 115 kbps) for wireless Internet and other data communications. GPRS networks enhance or enable short message service (SMS), multimedia message service (MMS), email, games, and wireless application protocol (WAP) applications to a cell phone.

Enhanced Data rate for GSM Evolution (EDGE) is an enhancement to the GPRS services. EDGE increases transmission speeds (up to 384 kbps) within a GSM carrier space of 200 kHz and enables the transmission of large amounts of data. With EDGE, mobile operators can offer multimedia services and other broadband applications through mobile phones.

IS-36 is a wireless communication standard that has mostly been replaced by GSM. Nevertheless, in certain parts of the world, including North America, mobile equipment that is capable of both IS-136 and GSM standards will be available during the transition to universal adoption of GSM Standards. IS-136 uses Time Division Multiple Access (TDMA), which divides each 30 kHz channel into six time slots and enables three simultaneous voice calls over the channel. GSM networks use TDMA in one form or another. IS-136 networks are operated in the United States, Latin America, New Zealand, parts of Russia and Asia Pacific.

Code Division Multiple Access (CDMA) is a digital wireless technology that uses a spread spectrum technique to spread a signal across a wide frequency band. IS-95 is a 2G technology that employs CDMA. There are numerous wireless communication standards based on CDMA technology currently deployed around the world.

Wideband Code Division Multiple Access (WCDMA), a third generation (3G) technology defined in the Third Generation Partnership Project (3GPP), has been adopted in Europe and other regions of the world as the current state of GSM evolution. 3GPP2 standardizes multiple variants, including CDMA2000 1× (2.5G), CDMA2000 1×EV-DO and CDMA2000 1×EV-DV. Wideband CDMA, one of the radio access technologies for Universal Mobile Telecommunications System (UMTS) in Europe, is the worldwide 3G standard for GSM evolution. It supports very high-speed multimedia services such as full-motion video, Internet access and video conferencing. WCDMA uses one 5 MHz channel for both voice and data, offering data speeds up to 2 Mbps. WiFi is yet another wireless technology relevant to the present disclosure.

For convenience, all of the wireless network technologies above will be referred to as GSM technologies, unless otherwise specified. GSM, as well as PSTN and VoIP, network technologies and capabilities have advanced synergistically with advances in microprocessor technology to provide cell phones and other terminals with increasingly greater capacity to receive, store and process voice and data information. Examples of such terminals include smart phones, which have more internal memory than ordinary voice-oriented phones; camera phones, which can take a digital photograph, store the image and receive and transmit digital images; phone terminals that provide gaming consoles; and communicators, which is a generic term for any information-centric mobile terminal that combines a fully featured personal digital assistant (PDA) and a mobile phone in one terminal.

Such capabilities challenge the interchangeability of GSM phones because, with use, the phones become laden with private content. In a GSM environment, any phone can be used by inserting a SIM card into the phone and accessing the network. More significantly, however, inserting a SIM card into a GSM phone not only provides access to the network, but also provides access to the private content stored in the internal memory of the phone. If an owner loses, loans, discards, or otherwise loses control of the phone, anyone with a SIM card can access the owner's private content on the phone.

Accordingly, FIG. 1 is a block diagram showing an exemplary mobile terminal of one embodiment. As depicted in FIG. 1, the embodiment provides a mobile terminal 101 with a memory for storing private content 102, and a SIM 103. Terminal 101 has a SIM reader (not shown) in communication with a processor (also not shown) for executing instructions and commands. Subscriber identity on the SIM 103 is uniquely established with International Mobile Subscriber Identity (IMSI) information. IMSI information is particularly well adapted to the present disclosure because IMSI information is secure and not editable. In an alternative embodiment, a Mobile Station (MS) International “Integrated Services Digital Network” (ISDN) (MSISDN) number that further identifies the SIM is used in combination with the IMSI information to uniquely identify the subscriber. Private content 102 is labeled or otherwise linked to the content owner's IMSI information or IMSI/MSISDN combination. The alternative embodiments of IMSI information or an IMSI/MSISDN combination are referred to hereinafter on occasion as IMSI/MSISDN.

A security function 104 associates the IMSI or IMSI/MSISDN combination identifier of private contents 102, stored in the terminal 101 memory, with the IMSI or IMSI/MSISDN combination identifier on SIM 103 and grants access to private content 102 only to the authorized SIM 103. In one embodiment, the security function 104 includes but is not limited to, for example, a processor, or software executed by a processor, that operates between the SIM reader and the terminal memory to perform correlative operations on the corresponding IMSI or IMSI/MSISDN combination. Terminal 101 performs the appropriate output (access or notice of denial of access) to display viewer 105.

FIG. 2 is a flow chart of an exemplary method of the present disclosure. An exemplary method is illustrated for controlling access to private content 202 stored in a GSM/SIM mobile terminal 201. In step S201, the private content 202 is provided with IMSI/MSISDN information 204. Step S202 associates the private content IMSI/MSISDN 204 with the IMSI/MSISDN 205 of SIM 203. In step S203, the IMSI/MSISDN 204 of the private content 202 is compared with the IMSI/MSISDN 205 of the SIM 203. In step S204, access to the private content 202 is denied when the comparison result 206 is negative, or, in step S205, access to the private content 202 is granted when the comparison result 207 is positive.

FIG. 3 is a block diagram showing an exemplary system. The exemplary system of FIG. 3 prevents unauthorized access to private content stored in the internal memory of a mobile terminal. System 300 includes, but is not limited to, mobile equipment 301 that accesses a wireless network by radio transmission and reception using, for example, 3GPP network protocol 305. Mobile equipment 301 has private content 302 stored on the internal memory 303 of the mobile equipment 301. The private content 302, or a pre-determined portion thereof, is associated with IMSI and MSISDN information unique to an owner of the private content 302 or to an owner of the pre-defined portion of the private content.

System 300 further includes at least one SIM 304 containing subscriber information and service and/or application profiles of the subscriber. SIM 304 identifies the subscriber by IMSI and MSISDN information stored on SIM 304.

System 300 operates so that access to all or to the pre-defined portion of the private content 302 occurs only when the IMSI/MSISDN information of SIM 304 correlates to the IMSI/MSISDN information of the private content 302, or of the pre-defined portion of the private content 302, stored in the memory of the mobile equipment 301.

A particular embodiment of system 300 further includes radio transmission and reception via wireless network protocol 305. Network protocols contemplated by system 300 include, but are not limited to, GSM, GPRS, EGPRS, UMTS and 3GPP.

A portion of private content 302 may be factory installed settings and information or may be obtained from tangible medium such as smart cards, game cartridges, and the like, which are able to be physically connected to mobile equipment 301. Additionally, a portion of private content 302 may be downloaded from content provider 306, such as a file or email server, connected to mobile equipment 301 via network protocol 305. Content provider 306 of system 300 may be any suitable medium that addressably stores digital content such that the content may be wirelessly downloaded to mobile equipment 301.

Downloading content over wireless networks, or by means of wireless connections to content servers, has become an important source of revenue for wireless carriers and content providers. The emergence of technologies such as Bluetooth®, and the popularity of downloading ring tones are merely the leading edge of a burgeoning economic sector in the wireless industry. Ring tones, software, games, images (jpeg, gif, tiff, and so forth) video (e.g., mpeg), and audio (e.g., wav, MP3), are all familiar downloadable content, but content further includes karaoke software, television image capture, remote control software to control toys and other RC devices, electronic keys, massage vibrations, and any content that can be stored digitally.

Embodiments of the terminal include one or more MMC memory card slot for MP3 files, and one or more digital voice recorder. Private content stored on a “smart skin” of a phone are contemplated by the present disclosure. PSTN and VoIP compatible terminals are also contemplated by embodiments of the present disclosure.

Private content may be organized into two categories, discrete content and contact content. Discrete content includes, but is not limited to, discrete items such as an MP3 file, a jpeg image, or a ring tone. Items of discrete content may be copyright protected, such as MP3 format copyright songs or ring tones, or the item may be personal such as a family photograph in jpeg format. Pursuant to the present disclosure, each item of discrete content may be protected by a pre-defined terminal/SIM IMSI or IMSI/MSISDN combination.

Contact content is content used for various services such as email, instant text messaging, instant voice messaging, voice mail, Push-To-Talk (PTT), and includes, but is not limited to, SIP address, phone books, address books, contact lists, and buddy lists. Pursuant to the present disclosure, each group of contact content may be protected by a defined terminal/SIM IMSI or IMSI/MSISDN combination. The present disclosure contemplates that the terminal IMSI/MSISDN be the same as the SIM IMSI/MSISDN or that the IMSI/MSISDN of the terminal and the SIM merely correlate in a predetermined combination to grant access to the private content.

An advantage of the disclosed system is that it does not require Trusted Third Party (TTP) domain applications in a Mobile station application Execution Environment (MExE). Applications in the TTP domain are signed with a key that can be verified back to a trusted root certificate on an MExE device. TTP domain applications, trusted root certificates and MExE are strictly java-based security protocols. The disclosed system, in contrast, is not java dependent. Pursuant to the disclosed system, any suitable algorithm may accomplish correlation of the terminal IMSI/MSISDN information with the SIM IMSI/MSISDN information without recourse to an MExE administrator protocol.

A further advantage of the disclosed system is the terminal need not be disabled in order to protect the private content. That is, a mobile phone terminal, if lost or stolen, may continue to function as a phone with a SIM in a GSM network environment. The private content stored on the phone, however, will remain inaccessible and protected. Someone may use the phone for an emergency call, for example, with a strange SIM card, but they would not be able to access the phone owner's buddy list or family photo images.

Although the disclosure has been described with reference to several exemplary embodiments, it is understood that the words that have been used are words of description and illustration, rather than words of limitation. Changes may be made within the purview of the appended claims, as presently stated and as amended, without departing from the scope and spirit of the disclosure in all its aspects. Although the disclosure has been described with reference to particular means, materials and embodiments, the disclosure is not intended to be limited to the particulars disclosed; rather, the disclosure extends to all functionally equivalent technologies, structures, methods and uses such as are within the scope of the appended claims.

In accordance with various embodiments of the present disclosure, the steps and methods described herein are intended, inter alia, for operation as software programs running on a computer processor. Dedicated hardware implementations including, but not limited to, application specific integrated circuits, programmable logic arrays and other hardware devices can likewise be constructed to implement the methods described herein. Furthermore, alternative software implementations including, but not limited to, distributed processing or component/object distributed processing, parallel processing, or virtual machine processing can also be constructed to implement the methods described herein.

It should also be noted that the software implementations as described herein are optionally stored on a tangible storage medium, such as: a magnetic medium such as a disk or tape; a magneto-optical or optical medium such as a disk; or a solid state medium such as a memory card or other package that houses one or more read-only (non-volatile) memories, random access memories, or other re-writable (volatile) memories. A digital file attachment to email or other self-contained information archive or set of archives is considered a distribution medium equivalent to a tangible storage medium. Accordingly, the disclosure is considered to include a tangible storage medium or distribution medium, as listed herein and including art-recognized equivalents and successor media, in which the software implementations herein are stored.

Although the present specification describes components and functions implemented in the embodiments with reference to particular standards and protocols, the scope of the invention is not limited to such standards and protocols. Each of the standards for Internet and other packet switched network transmission public telephone networks represent examples of the state of the art. Such standards are periodically superseded by faster or more efficient equivalents having essentially the same functions. Replacement standards and protocols having the same functions are considered equivalents. Accordingly, it is intended that the scope of the invention including such alternatives, modifications, and variations contemplated shall be defined by the appended claims. 

1. A terminal comprising: a memory to store private content; a private content identifier that includes a Mobile Station Integrated Services Digital Network (MSISDN) number; and a security function to compare the private content identifier with a first smart card identifier associated with a first smart card to produce a first comparison result and to grant the first smart card access to the private content when the first comparison result is positive; wherein the first smart card identifier includes the MSISDN number.
 2. The terminal of claim 1, wherein the terminal comprises a mobile telephone.
 3. The terminal of claim 1, wherein the private content identifier further includes International Mobile Subscriber Identity (IMSI) information.
 4. The terminal of claim 3, wherein the smart card identifier further includes the IMSI information.
 5. The terminal of claim 4, wherein the security function is further to: compare the private content identifier with a second smart card identifier associated with a second smart card to produce a second comparison result; and deny the second smart card access to the private content when the second comparison result is negative; wherein the second smart card identifier does not include the IMSI information or the second smart card identifier does not include the MSISDN number.
 6. The terminal of claim 1, wherein the first smart card identifier further includes International Mobile Subscriber Identity (IMSI) information.
 7. The terminal of claim 1, wherein the first smart card comprises a Subscriber Identity Module (SIM).
 8. The terminal of claim 1, wherein the private content comprises an audio file.
 9. The terminal of claim 1, wherein the private content comprises a video file.
 10. The terminal of claim 1, wherein the private content comprises a ring tone.
 11. The terminal of claim 1, wherein the private content comprises a group of contact information.
 12. The terminal of claim 1, wherein the terminal comprises a GSM terminal.
 13. The terminal of claim 1, wherein the private content comprises a game.
 14. The terminal of claim 1, wherein the terminal comprises a Multi-Media Card (MMC), a digital voice recorder, a Public Service Telephone Network (PSTN) compatible terminal, a Voice over Internet Protocol (VoIP) compatible terminal, or a communicator.
 15. A method of controlling access to private content, the method comprising: comparing a private content identifier with a first smart card identifier to produce a first comparison result; wherein the first smart card identifier is associated with a first smart card; wherein at least a portion of the private content is linked to the private content identifier; and granting access to the portion of the private content when the first comparison result is positive; wherein the private content identifier is linked to a Mobile Services Integrated Services Digital Network (MSISDN) number; and wherein the first smart card identifier is associated with the MSISDN number.
 16. The method of claim 15, wherein the private content identifier is linked to International Mobile Subscriber Identity (IMSI) information.
 17. The method of claim 16, wherein the first smart card is a Subscriber Identity Module (SIM), and wherein a subscriber identity is established on the SIM at least in part via the IMSI information.
 18. The method of claim 15, further comprising: comparing the private content identifier with a second smart card identifier associated with a second smart card to produce a second comparison result; wherein the second smart card is not associated with the MSISDN number or does not include International Mobile Subscriber Identity (IMSI) information; and denying access to the private content when the second comparison result is negative.
 19. A computer-readable medium including processor-executable instructions that when executed, cause a processor to: compare a private content identifier to a first smart card identifier that identifies a first smart card to produce a first comparison result; wherein at least a portion of the private content is linked to the private content identifier; wherein the private content identifier is associated with a Mobile Services Integrated Services Digital Network (MSISDN) number; wherein the first smart card identifier is associated with the MSISDN number; and grant access to the portion of the private content when the first comparison result is satisfied.
 20. The computer-readable medium of claim 19, wherein the private content comprises a buddy list. 